CISA adds several Windows vulnerabilities to the “Known Exploited Vulnerabilities Catalogue”


The US Government’s Cybersecurity and Infrastructure Security Agency (CISA) has added several new Microsoft Windows vulnerabilities to its database. These all need patches – so again it is a good time to check that your “auto-updating” is working, or time to get an Octagon IT monitoring package and let experts monitor the …

Bug bounties are a vendor’s shortcut to software vulnerabilities – UPDATED 26 April 2022

This post was first published on 19 April 2022. Following up on the article below, here is a real-world example of bug bounties working to improve cybersecurity. The US Government’s Department of Homeland Security (DHS) worked with a group of cyber security analysts, who uncovered 122 vulnerabilities in the …

Zero-day security vulnerabilities exploited in 2021 – UPDATED 25 April 2022


This post was first made on 22 April 2022. I regularly write about the issues around the zero-day vulnerability, and our Social Engineering and Email Cyber Security Training course aims to equip individuals and organisations to meet the challenge that the zero-day poses. Google’s Project Zero has reported on its …

Anatomy of a phishing email attachment – this is why we are always running training

Social Engineering and Email Cyber Security Training

SANS Internet Storm Centre has a couple of blog posts looking at the mechanics of a Word document and a PDF, both of which are malicious payloads in a phishing email. This is what you are up against! Analyzing a Phishing Word Document – SANS Internet Storm Centre Simple PDF …